Getting Error When Activating Changes vi /em After a New Certificate installed and HTTP Listener is Configured to Use the New Certificate
(Doc ID 2460524.1)
Last updated on JUNE 20, 2024
Applies to:
Oracle Traffic Director - Version 12.2.1.0.0 and laterOracle WebLogic Server - Version 12.2.1.0.0 and later
Information in this document applies to any platform.
Symptoms
Getting below error on the /em console when trying to use a newly installed certificate:
An error occurred during activation of changes, please see the log for details.
[Management:141190]The commit phase of the configuration update failed with an exception.
There are 1 nested Exceptions: weblogic.nodemanager.NMException: Received error message from Node Manager Server: [Node Manager command 'COMMIT_CHANGELIST' failed unexpectedly due to: [OTD-67801 Commit failed with the following errors: OTD-67804 Error while updating instance 'otd_ConfigName_MachineName': OTD-67757 An error occurred while reconfiguring the instance. [ERROR:16] [OTD-10167] Found only 0 certificate(s) out of 1 certificate(s) needed. [ERROR:16] [OTD-10173] Searched for certificate with subject "CN=host1.domain,OU=xxxx,O=xxxx,L=xxx,C=xx, issuer CN=MyRootCA,O=xxx,C=xx and serial number <SERIAL_NUMBER> . [ERROR:16] [OTD-10172] Unable to get matching server certificate(s) information. [ERROR:32] [OTD-10127] Error setting SSL parameters for HTTP listener [ERROR:32] [OTD-10492] New configuration not installed ]. Please check Node Manager log and/or server log for detailed information.]. Please check Node Manager log for details.
The Java Keystore containing a chain of certificates including the new certificate and its key along with the Intermediate CA certificate and CA certificate was imported successfully using the wlst command:
wls:/offline> connect('USERNAME','PASSWORD','t3://host:port)
Connecting to t3://host:port with userid weblogic ...
Successfully connected to Admin Server "AdminServer" that belongs to domain "otd_domain".
Warning: An insecure protocol was used to connect to the server.
To ensure on-the-wire security, the SSL port or Admin port should be used instead.
wls:/otd_domain/serverConfig/> svc = getOpssService("KeyStoreService")
wls:/otd_domain/serverConfig/> svc.importKeyStore(appStripe='OTD', name='CONFIG_NAME', password='PASSWORD', aliases='MyAlias', keypasswords='PASSWORD', type='JKS', permission=true, filepath='<PATH>/keystore..jks')
Location changed to domainRuntime tree. This is a read-only tree
with DomainMBean as the root MBean.
For more help, use help('domainRuntime')
The DOMAIN/sysman/logs/emmos.log shows below error that corresponds to the error seen on the /em console:
2018-10-10 14:27:22,754 [[ACTIVE] ExecuteThread: '30' for queue: 'weblogic.kernel.Default (self-tuning)'] WARN internal.WLSEditSessionManagerImpl logp.251 - Exception recevied in commitTransaction
oracle.sysman.emInternalSDK.sdkas.general.pojo.changemgmt.MBeanTargetException: [Management:141190]The commit phase of the configuration update failed with an exception.<br> There are 1 nested Exceptions:
weblogic.nodemanager.NMException: Received error message from Node Manager Server: [Node Manager command 'COMMIT_CHANGELIST' failed unexpectedly due to: [OTD-67801 Commit failed with the following errors:
OTD-67804 Error while updating instance 'otd_ConfigName_MachineName':
OTD-67757 An error occurred while reconfiguring the instance.
[ERROR:16] [OTD-10167] Found only 0 certificate(s) out of 1 certificate(s) needed.
[ERROR:16] [OTD-10173] Searched for certificate with subject "CN=host1.domain,OU=xxxx,O=xxxx,L=xxx,C=xx, issuer CN=MyRootCA,O=xxx,C=xx and serial number <SERIAL_NUMBER> .
[ERROR:16] [OTD-10172] Unable to get matching server certificate(s) information.
[ERROR:32] [OTD-10127] Error setting SSL parameters for HTTP listener
[ERROR:32] [OTD-10492] New configuration not installed
]. Please check Node Manager log and/or server log for detailed information.]. Please check Node Manager log for details.
at oracle.sysman.emas.sdk.changemgmt.internal.WLSEditSessionManagerImpl.commitSession(WLSEditSessionManagerImpl.java:385)
at oracle.sysman.emas.sdk.changemgmt.internal.ConfigurationSessionManagerImpl.commitTransaction(ConfigurationSessionManagerImpl.java:583)
at oracle.sysman.as.wlsc.model.changemgmt.ChangeCenterRegionModelBean.doConfigurationSessionAction(ChangeCenterRegionModelBean.java:787)
at oracle.sysman.as.wlsc.ui.view.changemgmt.ChangeCenterRegionViewBean._doConfigurationSessionAction(ChangeCenterRegionViewBean.java:713)
at oracle.sysman.as.wlsc.ui.view.changemgmt.ChangeCenterRegionViewBean._doConfigurationSessionAction(ChangeCenterRegionViewBean.java:681)
at oracle.sysman.as.wlsc.ui.view.changemgmt.ChangeCenterRegionViewBean.doActivateChanges(ChangeCenterRegionViewBean.java:824)
at sun.reflect.GeneratedMethodAccessor6139.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at com.sun.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:181)
at com.sun.el.parser.AstValue.invoke(AstValue.java:289)
Prior to above error there is also below error showing in the logs:
2018-10-10 14:01:50,607 [[ACTIVE] ExecuteThread: '42' for queue: 'weblogic.kernel.Default (self-tuning)'] WARN changemgmt.ChangeCenterRegionViewBean logp.251 - Exception occurs while calling _doConfigurationSessionAction
oracle.sysman.emSDK.app.exception.EMSystemException
at oracle.sysman.as.wlsc.model.changemgmt.ChangeCenterRegionModelBean.doConfigurationSessionAction(ChangeCenterRegionModelBean.java:820)
at oracle.sysman.as.wlsc.ui.view.changemgmt.ChangeCenterRegionViewBean._doConfigurationSessionAction(ChangeCenterRegionViewBean.java:713)
at oracle.sysman.as.wlsc.ui.view.changemgmt.ChangeCenterRegionViewBean._doConfigurationSessionAction(ChangeCenterRegionViewBean.java:681)
at oracle.sysman.as.wlsc.ui.view.changemgmt.ChangeCenterRegionViewBean.doActivateChanges(ChangeCenterRegionViewBean.java:824)
at sun.reflect.GeneratedMethodAccessor6139.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
...
... 103 more
Caused by: weblogic.management.mbeanservers.edit.NotEditorException: weblogic.management.provider.EditNotEditorException: Not edit lock owner
at weblogic.management.mbeanservers.edit.internal.ConfigurationManagerMBeanImpl.save(ConfigurationManagerMBeanImpl.java:329)
at sun.reflect.GeneratedMethodAccessor5488.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at weblogic.management.jmx.modelmbean.WLSModelMBean.invoke(WLSModelMBean.java:531)
...
Caused by: weblogic.management.provider.EditNotEditorException: Not edit lock owner
at weblogic.management.provider.internal.EditAccessImpl.checkEditLock(EditAccessImpl.java:2300)
at weblogic.management.provider.internal.EditAccessImpl.saveChanges(EditAccessImpl.java:1510)
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |